Almost all users at home PC’s have Windows on their machines. I’m in no way comfortable with it, because it’s rather unstable, slow and you have to allow Microsoft’s Data spyware. They explain to look at your “interactions” to improving their product, in plain text they download your emails in Outlook, your browser data, your pictures and videos, your software usage and much more and share all of it with dozens of other companies and US authorities. The same is true for Apple devices and Handies with Google’s Android. Nothing of that happens with a Linux system.
My personal use of windows is restricted to only two user programs, namely sometimes Adobe Pro and the software for my tax declaration once in a year. Furthermore I use Windows only with disabled networking. Since I’m not a “gamer”, I find for each other task equivalent or better Linux apps, from multimedia studio, image and video editors, office programs, servers and databases and many more – and all free of charge and without giving data on my machine to servers in the USA or elsewhere.
However, since most of my friends have Windows since purchase of their PC’s, from XP to Win 11, I’ll give some recommendations what to do with it to reduce Microsoft’s data theft, and how you can preserve older systems like Windows XP etc. with all the installed software as a virtual hard disk for use in Linux or other systems with Oracle’s Virtual Box. In my experience this can be done with little effort and works well. That way, friends of mine can still use their extensive (and formerly expensive) software packages and their work with these in older Windows systems. So let’s start with that hints:
What to do with Windows for a better Data Security?
1) Use a local Account without registering at Microsoft. For a new installation you can prepare this with an .iso-file of Windows that is brought to a bootable USB stick for installation made with the small program RUFUS. Set GPT/UEFI and specify in Rufus to create a patched version for a local account, with reduced data collection and without Microsoft’s request for TPM and Secure Boot (for Windows 11 on older machines without TPM2.0). Boot that stick via UEFI choice and install. During installation disable your internet connection and choose “I dont have internet” and make a “restricted setup“. Thus a local user account is installed. Afterwards you can enable networking with LAN or WLAN, activate and update your Windows (I my case, free activation as administrator in a terminal window worked that way or that way). I recommend three disk partitions, one for Windows, one for Data with NTFS filesystem and a third for Linux. The Data partition can then be read and written from both operating systems as a data turntable. When you transfer data from the NTFS filesystem to Linux, observe that you need Unix/Linux line ends there, which are different from DOS/Windows line ends.
Resist the repeated “invitations” to make a Microsoft account or share your data. I recommend the Firefox browser instead of Edge and Thunderbird as Mail client instead of Outlook, because using the latter transfers your mails to Microsoft servers and they are probably forwarded to many others.
Check your installation for maybe missing drivers, find and install them.
2) You should follow the recommendations of “Bundesamt für Sicherheit in der Informationstechnik” (BSI). You can download them here. The paper is related to Windows 10, but can also be used with Windows 11. One uses the command “regedit” as administrator and navigates through the folders of HKLM, i.e. HKEY LOCAL MACHINE. Edit along the recommendations given in the BSI paper, section 3. It should be done in 15 minutes or less.
3) Go to the Security Settings in Windows and disable all the apps and services that you dont need.
4) Check (especially in older machines), whether all necessary device drivers are installed. This is a somewhat annoying task installing Windows 11 on an older computer. Remarkably I never had any driver problems with Linux, apart from the first few years of it in the 1990s. Test, whether Drivereasy, Snappy-Driver-Installer or DriverPack can help you out. I used them with success. Afterwards uninstall the undesirable additional software, if installed from these sites during the process (Opera browser for example, if not desired).
Getting Windows ready. Don’t turn off your computer
How can I store a Windows system, the Software in it and all my User Data in a Virtual Disk (VHD)?
Scenario: A friend had an old Windows XP system with lots of software and personal work with it. Now his old PC is at the end of its lifetime. He needed to preserve the whole system for his work.
1) You can place the harddisk or a clone of it into new hardware, if available. A recommendable cloning software is Macrorit Partion Expert Free Edition for this, which I used several times successfully.
2) A further possibility is to generate a virtual harddisk (VHD) of it, which can be brought to work in Oracle’s Virtual Box in a Linux system in a notebook or elsewhere. In my experience this is an easy way to preserve and transfer older systems to new hardware environments, preferably with a Linux OS. Of course, you always have to find missing device drivers.
3) To generate a VHD is very easy for a Windows, which runs with a Master Boot Record (MBR) without UEFI. You simply use the small program disk2vhd and save your whole installation in a VHD. In a Virtual Box with Guest Additions and Extension Pack it should boot and start. Maybe you have to find and install some missing device drivers, and maybe you have to activate your VHD-Version again. In many cases the Windows 10 drivers work well also in Windows 11, if you dont find device drivers for Windows 11 on your hardware.
4) Only a little bit more effort is the task, when you have a GPT harddisk and an UEFI system. This is certainly the case for Windows 10 and Windows 11.
Here is, what to do:
a) Run a terminal window as administrator and use the command mountvol Z: /S (or another unused drive letter instead of Z:). This mounts the EFI-Partition to Z:
b) Run disk2vhd with partition Z: included (recognizable by its size of about 100 MB) and the others you want and thus generate your VHD in a destination folder. Suggestion: Save it in a data partition outside of your Linux, which is accessible for Virtual Box in Linux.
c) Install Virtual Box, the VBox Extension Package and the VBox Guest Additions (available in Linux and in Windows). If you do this in a Linux system, check that you are in the vboxusers group. Add a new virtual machine for your VHD, which you saved in a mounted partition. You can see the settings I made for a Windows 10 guest system in Linux in the following screenshots; especially mark ENABLE EFI in the system setting: vbox1.png, vbox2.png, vbox3.png, vbox4.png, vbox5.png. The SHARES directory in my Linux home folder is for data exchange between the Linux host and the Windows guest system in Virtual Box. It needs the Guest Additions to work.
d) Now, when you start your virtual machine for the first time, your VHD will not boot directly, but you get the shell of the bootloader GRUB, i.e. you see the command “grub>”.
The Grub shell uses a US keyboard. If you have a German keyboard, you have to use the following characters:
“(” is “)” on DE-Tastatur, “)” is “=” on DE, “=” is ” ‘ ” on DE (left of Backspace), “/” is “-” on DE, “,” is as on DE-keyboard.
Use the following commands in the Grub shell:
grub>ls this shows your disks and partitions; identify your EFI partition. In my case the EFI partition is in the first partition on the single harddisk, i.e. in (hd0,gpt1). Therefore enter:
grub>set root=(hd0,gpt1) (with German keybord set root’)hd0,gpt1= )
grub>chainloader /efi/microsoft/boot/bootmgfw.efi points to Windows Bootloader. Finally
grub>boot
If all went well, your VHD should now and furthermore boot into Windows. The seamless full screen mode works well for Windows XP, but unfortunately not for Windows 10. I did not test that with other Windows versions. There is a Manual for Virtual Box and you can easily find Youtube videos on it, if you need to learn more. Of course you can also install a new Windows version in Virtual Box with an .iso of it or other operating systems for tests and more. Set those .isos as optical drives for Virtual Box guest systems.
Finally
Set Restore Points, before you install software, and make Backups from time to time. Be careful, when you open Websites and emails, because Windows is a primary target for malware. As I already said above, I use it rarely and thus do not have more hints for it.